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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1 . (Currently Amended) A method of managing keys in a key distribution 
system for a communications group, the key distribution system maintaining a tree of 
nodes including at least one leaf node that has a parent node, each node of the group 
being associated with a first key, the method comprising: 

updating the first keys of a first branch of nodes in the tree by allocating new first 
keys to each of the nodes in the branch; 

determining an offset representing a distance between two chains of one-way 
functions, for generating the updated first key of each node in the branch from a key of 
a previous node in the branch; and 

broadcasting each of said offsets in an unencrypted form so that, given the 
updated first key associated with the first node of said branch, each updated first key of 
said branch of nodes can be calculated. 

2. (Original) A method as claimed in claim 1 , wherein the first key of each 
parent node in said tree of nodes is generated from the first key of each of its child 
nodes by two one-way functions and a mixing function, the mixing function including the 
offset as a parameter. 

3. (Previously Presented) A method as claimed in claim 2, wherein the 
mixing function is an XOR function. 
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4. (Previously Presented) A method as claimed in claim 2, wherein each 
parent key is generated using the formula f(f (child key) XOR OFFSET), wherein 
OFFSET is the offset and f represents a one-way function and wherein child_key is the 
first key of a child node of said parent node. 

5. (Previously Presented) A method as claimed in claim 1 , wherein the 
communication group comprises at least one member that is associated with a leaf 
node of the tree of nodes. 

6. (Original) A method as claimed in claim 5, wherein information transferred 
to, from or between members of the communication group is encrypted using an 
application data encryption key, the encryption key comprising a join field and a leave 
field, wherein each member of the group knows the join field of the encryption key, and 
wherein the leave field of the encryption key is derived from the first key of a root node 
of the tree. 

7. (Original) A method as claimed in claim 6, wherein the join field of the 
encryption key is updated each time a member joins the group. 

8. (Original) A method as claimed in claim 7, wherein the new member joins 
the group using the following method: 

the new user requests access to the group; 

the new user is granted access to the group; 

the new member is assigned a node at a new leaf node of the communication 

group; 
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the new member is sent all the information required to generate the first key of 
each node on a branch of nodes from the new leaf node to the root node; and 

the join field of the application data key is updated. 

9. (Original) A method as claimed in claim 8 wherein the method further 
comprises: 

the generation of a new node as the parent of both the new leaf node and a 
pre-existing node. 

10. (Previously Presented) A method as claimed in claim 7, wherein the 
updated join field is generated from the previous join field using a one-way function. 

1 1 . (Previously Presented) A method as claimed in claim 7, wherein a key 
update request is generated each time a member leaves the group, wherein the first 
keys of each node of the branch of nodes including both the node associated with the 
member that is leaving the group and the root node are the keys that are updated. 

1 2. (Original) A method as claimed in claim 1 1 , wherein a member leaves the 
group using the following method: 

an instruction to remove a member from the group is generated; 

the parent node of the node associated with the leaving member is deleted; 

the sibling node of the node associated with the leaving member is promoted to 
the position occupied by the deleted node; 

the first key of each node on the branch of nodes from the promoted node to the 
root node is updated; 
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offset messages for generating the new first keys are broadcast to the group; 

remaining members of the communications group calculate the updated first key 
nodes of the tree. 

13. (Original) A method as claimed in claim 12, wherein the instruction to 
remove a member from the group is generated by the member that is leaving the group. 

14. (Original) A method as claimed in claim 12, wherein the instruction to 
remove a member from the group is generated by a key distribution server. 

15. (Previously Presented) A method as claimed in claim 1 , wherein the 
nodes are arranged in a hierarchical tree. 

16. (Original) A method as claimed in claim 15, wherein the nodes are 
arranged in a binary tree. 

17. (Previously Presented) A method as claimed in claim 1 further including: 

retransmitting messages enabling users to update keys in case the users have 
not received those messages. 

18. (Original) A method as claimed in claim 17 wherein the retransmitted 
messages are attached to application data packets. 

19. (Previously Presented) A method as claimed in claim 17 wherein the 
retransmitted messages contain a sequence number indicative of the position in the 
sequence of key updates. 

20. (Original) A method as claimed in claim 19 wherein the sequence number 
is cyclic. 
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21 . (Previously Presented) A key distribution system which, in operation, 
performs the method of claim 1 . 

22. (Currently Amended) A key distribution system for a communications 
group, the key distribution system comprising: 

a distribution server including 

means for maintaining a tree of nodes including at least one leaf node that 
has a parent node, each node being associated with a first key; 

wherein the first key of each parent node in the tree is derived from the 
first key of each of its child nodes by two one-way functions and a mixing 
function, the mixing function including an offset value representing a distance 
between two chains of one-way functions, as a parameter which is broadcast in 
an unencrypted form. 

23. (Previously Presented) A key distribution system as claimed in claim 22, 
wherein the mixing function is an XOR function. 

24. (Previously Presented) A key distribution system as claimed in claim 22, 
wherein each parent key is generated using the formula f(f (child_key) XOR OFFSET), 
wherein OFFSET is the offset and f represents a one-way function and wherein 
child_key is the first key of a child node of said parent node. 

25. (Previously Presented) A key distribution system as claimed in claim 22, 
wherein_said means for maintaining comprises: 
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means for updating the first keys of a first chain of nodes along a branch of the 
tree by allocating new first keys to each of those nodes in response to a request to 
update the first keys of that chain of nodes; 

means for determining an offset for generating the updated first key of each 
member of the chain from the previous member of the chain; and 

means for broadcasting each of said offsets so that, given the updated first key 
associated with the first node of said chain of nodes, each updated first key on said 
chain of nodes can be calculated. 

26. (Previously Presented) A key distribution system as claimed in claim 22, 
wherein the communication group comprises at least one member that is associated 
with a leaf node. 

27. (Previously Presented) A key distribution system as claimed in claim 22, 
wherein each member of the communications group includes means for encrypting and 
decrypting so that information transmitted to, from or between members of the 
communication group is encrypted using an application data encryption key, the 
encryption key comprising a join field and a leave field, wherein each member of the 
group knows the join field of the encryption key, and wherein the leave field of the 
encryption key is derived from the first key of a root node of the tree. 

28. (Previously Presented) A key distribution system as claimed in claim 27, 
wherein the join field of the encryption key is updated each time a new member joins 
the group. 
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29. (Original) A key distribution system as claimed in claim 28, wherein the 
new member joins the group using the following method: 

the new user requests access to the group; 

the new user is granted access to the group; 

the new member is assigned a node at a new leaf node of the communication 

group; 

the new member is sent all the information required to generate the first key of 
each node on a branch of nodes from the new leaf node to the root node; and 

the join field of the application data encryption key is updated. 

30. (Original) A key distribution system as claimed in claim 29 wherein the 
said new member join method further comprises the generation of a new node as the 
parent of both the new leaf node and a pre-existing node. 

31 . (Previously Presented) A key distribution system as claimed in claim 28, 
wherein the updated join field is generated from the previous join field using a one-way 
function. 

32. (Previously Presented) A key distribution system as claimed in claim 27, 
wherein a key update request is generated each time a member leaves the group, 
wherein the first keys of each node of the branch of nodes including both the node 
associated with the member that is leaving the group and the root node are the keys 
that are updated. 
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33. (Original) A key distribution system as claimed in claim 32, wherein a 
member leaves the group using the following protocol: 

an instruction to remove a member from the group is generated; 

the parent node of the node associated with the leaving member is deleted; 

the sibling node of the node associated with the leaving member is promoted to 
the position occupied by the deleted node; 

the first key of each node on the branch of nodes from the promoted node to the 
root node is updated; 

offset messages for generating the new first keys are broadcast to the group; 

remaining members of the communications group calculate the updated first keys 
of nodes of the tree. 

34. (Original) A key distribution system as claimed in claim 33, wherein the 
instruction to remove a member from the group is generated by the member that is 
leaving the group. 

35. (Original) A key distribution system as claimed in claim 33, except, 
wherein the instruction to remove a member from the group is generated by the key 
distribution server. 

36. (Previously Presented) A key distribution system as claimed in claim 22, 
wherein the nodes are arranged in a hierarchical tree. 

37. (Original) A key distribution system as claimed in claim 36, wherein the 
nodes are arranged in a binary tree. 
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38. (Currently Amended) A key distribution system for a communications 
group, the key distribution system comprising: 

an encryption key distribution server including means for maintaining a tree of 
nodes including a root node that has at least one child node, and at least one leaf node 
that has a parent node, 

the distribution server including means for servicing a communication group 
comprising at least one member client device, wherein a served encryption key defined 
in a server memory device comprises a join field and a leave field, and wherein: 

each member client device of the group knows the join field of the encryption 

key; 

each node of the key distribution system is associated with a leave key; koy; and 

the leave field of the encryption key is derived from the leave key of the root 
node: and nod e . 

the first key of parent nodes in the tree is generated from the first key of each of 
its child nodes by two one-way functions and a mixing function, the mixing function 
including an offset representing a distance between two chains of one-way functions, as 
a parameter. 

39. (Previously Presented) A key distribution system as in claim 38, wherein 
said at least one member client device is associated with a leaf node of the tree of 
nodes. 
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40. (Previously Presented) An encryption key distribution system as in claim 

38, wherein the join field of the encryption key is updated each time a member client 
device joins the group. 

41 . (Previously Presented) An encryption key distribution system as in claim 
40, wherein the updated join field is generated from the previous join field using a one- 
way function. 

42. (Previously Presented) An encryption key distribution system as in claim 

39, wherein: 

a key update request to the server is generated each time a member client 
device leaves the group, and 

the leave keys of each node of the branch of nodes including both the node 
associated with the member client device that is leaving the group and the root node are 
updated. 

Claim 43 (Canceled). 

44. (Previously Presented) An encryption key distribution system as in claim 
43, wherein the mixing function is an XOR function. 

45. (Previously Presented) An encryption key as in claim 43, wherein: 

each parent key is generated using the formula f(f (child_key) XOR OFFSET), 
wherein OFFSET is the offset and f represents a one-way function and wherein child 
key is the first key of a child node of said parent node. 
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